Re: NAT addresses - RFC or tradition?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



It's quite simple.
You're using public IPs in your internal networks.
Some of these IPs may exist and have an owner an maybe even a web site.
You'll be in trouble in the day you wish to acess one of these IPs on the 
internet because you won't reach them because you have them on your network 
and so won't route the packets to the internet.

The IP's in fact, don't have any thing different, so you can use them and 
iptables will not have any problems. It's just a route problem, that as you 
chose to use these IP's, you won't be able to reach these real public IP's in 
the internet.

Sorry for the bad english.

On Tuesday 22 May 2007 16:26, Paul Blondé wrote:
> I've noticed that a lot of people use the 192.168.X.X subnet for internal
> networks, is this (and the less-used 10-series) a requirement of some RFC,
> or a recommendation that has become tradition?
>
> We are using a completely different subnet, something similar to (for
> example) 42.127.129.X to further obfuscate the internal network from
> outside. This, and many other examples, produces a class-A subnet mask
> (some produce a class-B) when entered in WinXP's TCP/IP dialog, although
> the actual mask we use with it is class-C.
>
> Is this a no-no? Will it break our server's IPTables when communicating
> with it? Am I in for a lot of trouble? The addresses don't seem to cause
> any problems, but I don't want this to jump up and bite us in the bottom
> sometime down the road.
>
>
>
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> Paul Blondé

-- 
André Guimarães
Databras Informática
Matriz RJ - 55 (21) 2518-2363
Filial ES - 55 (27) 3233-0098
http://www.databras.com.br



[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux